User-made patch allows for Windows 7 and 8.1 users to install updates on Kaby Lake and Ryzen

no-more-windows-7-updates-100714556-larg

Sauce: https://www.bleepingcomputer.com/news/microsoft/user-made-patch-lets-owners-of-next-gen-cpus-install-updates-on-windows-7-andamp-8-1/

 

Quote

GitHub user Zeffy has created a patch that removes a limitation that Microsoft imposed on users of 7th generation processors, a limit that prevents users from receiving Windows updates if they still use Windows 7 and 8.1.

This limitation was delivered through Windows Update KB4012218 (March 2017 Patch Tuesday) and has made many owners of Intel Kaby Lake and AMD Bristol Ridge CPUs very angry last week, as they weren’t able to install any Windows updates.

Basically: Microsoft blocks Windows updates if you’re using Windows 7 or 8.1 on Kaby Lake and Ryzen. Users get mad and look for a workaround. People have found that workaround.

 

Quote

Microsoft’s move was controversial, but the company did its due diligence, and warned customers of its intention since January 2016, giving users enough time to update to Windows 10, move to a new OS, or downgrade their CPU, if they needed to remain on Windows 7 or 8.1 for various reasons.

When the April 2017 Patch Tuesday came around last week, GitHub user Zeffy finally had the chance to test four batch scripts he created in March, after the release of KB4012218.

What this script does is explained here:

Quote

His scripts worked as intended by patching Windows DLL files, skipping the CPU version check, and delivering updates to Windows 7 and 8.1 computers running 7th generation CPUs.

It skips several checks that Microsoft added to Windows in the last Patch Tuesday, allowing Windows 7 and 8.1 to continue to receive updates on Kaby Lake and Ryzen. This was done by reverse engineering the update KB4012218.

 

Quote

According to Zeffy’s README file, he created the four batch scripts by reverse engineering the KB4012218 Windows Update, and comparing versions of the new files with the ones already on his PC.

By running a simple diff operation on these files, he was able to discover two new functions “IsCPUSupported(void)” and “IsDeviceServiceable(void)” inside the March 2017 version of wuaueng.dll, delivered through KB4012218.

But how does this do what it does? It’s simple. It sets those two flags to 1, which means “supported CPU”.

 

Quote

Zeffy’s scripts patch this DLL file and make the two functions output “1”, which translates to “supported CPU.” This, in turn, starts the update procedure, delivering new security updates to users Microsoft wanted to block.

However, there’s a downside. This script must be run again whenever Microsoft patches wuaueng.dll.

 

Quote

“The only downside of these solutions is you have to apply a new patch whenever wuaueng.dll gets updated,” says Zeffy in his GitHub repo README. Fortunately, the entire task doesn’t take long to complete.

 

If you want to try this out yourself, then I’d suggest creating a system restore point and back up the original wuaueng.dll file first. The fact that this was done in just a month shows that there’s a lot of truth to “when there’s a will, there’s a way”, and the persistence needed to get to that point. Now, what I want to know is, how long until Microsoft patches this out again?

Leave a Reply

Your email address will not be published. Required fields are marked *